[Freeipa-users] Problem adding DNS Zones
Using FreeIPA on a private network (where it's easier to just alias our own servers to these names than to edit config file after config file). Any idea what I'm doing wrong here? # ipa dnszone-add 0.pool.ntp.org --name-server=dns.project.net--admin-email= r...@project.net ipa: ERROR: Nameserver 'dns.project.net' does not have a corresponding A/ record # ipa dnsrecord-find project.net dns Record name: dns A record: a.b.c.d Number of entries returned 1 # host dns.project.net dns.project.net has address a.b.c.d # -- Bret Wortman The Damascus Group Fairfax, VA http://bretwortman.com/ http://twitter.com/BretWortman ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Problem adding DNS Zones
On 11/16/2012 04:11 PM, Bret Wortman wrote: Using FreeIPA on a private network (where it's easier to just alias our own servers to these names than to edit config file after config file). Any idea what I'm doing wrong here? # ipa dnszone-add 0.pool.ntp.org http://0.pool.ntp.org --name-server=dns.project.net http://dns.project.net --admin-email=r...@project.net mailto:r...@project.net ipa: ERROR: Nameserver 'dns.project.net http://dns.project.net' does not have a corresponding A/ record # ipa dnsrecord-find project.net http://project.net dns Record name: dns A record: a.b.c.d Number of entries returned 1 # host dns.project.net http://dns.project.net dns.project.net http://dns.project.net has address a.b.c.d # -- Bret Wortman The Damascus Group Fairfax, VA http://bretwortman.com/ http://twitter.com/BretWortman Hello Bret, can you try reloading the httpd server where your IPA server is being run? This issue can happen if you for example change the nameserver in /etc/resolv.conf during httpd run time. Python framework in this httpd server would still be initialized with the old nameserver address and may not be able to resolve the address. Second note: it is safer to use --name-server option in a FQDN form, i.e. dns.project.net. instead of dns.project.net . With newer IPA versions, nameserver set to dns.project.net would effectively mean this FQDN: dns.project.net.0.pool.ntp.org. HTH, Martin Martin ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Problem adding DNS Zones
On 11/16/2012 04:11 PM, Bret Wortman wrote: Using FreeIPA on a private network (where it's easier to just alias our own servers to these names than to edit config file after config file). Any idea what I'm doing wrong here? # ipa dnszone-add 0.pool.ntp.org http://0.pool.ntp.org --name-server=dns.project.net http://dns.project.net --admin-email=r...@project.net mailto:r...@project.net ipa: ERROR: Nameserver 'dns.project.net http://dns.project.net' does not have a corresponding A/ record # ipa dnsrecord-find project.net http://project.net dns Record name: dns A record: a.b.c.d Number of entries returned 1 # host dns.project.net http://dns.project.net dns.project.net http://dns.project.net has address a.b.c.d # -- Bret Wortman The Damascus Group Fairfax, VA http://bretwortman.com/ http://twitter.com/BretWortman ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users Hi, this may be a known bug: https://fedorahosted.org/freeipa/ticket/3063 is this 100% reproducible in your set-up? Tomas ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Problem adding DNS Zones
Hello, you didn't specified IPA version, OS version etc., so my reply will be valid latest IPA master but not necessarily for Your version: You are trying to use name server from another zone so you have to enter absolute DNS name. Value dns.project.net is missing the trailing dot, so DNS name was read as relative. As a result zone origin (i.e. 0.pool.ntp.org) was appended to the name - and not found in (empty!) zone 0.pool.ntp.org. You have to specify --ip-address if you want to create a new NS record with relative name. --ip-address and --name-server combination will create NS+A record pair. Petr^2 Spacek On 11/16/2012 04:11 PM, Bret Wortman wrote: Using FreeIPA on a private network (where it's easier to just alias our own servers to these names than to edit config file after config file). Any idea what I'm doing wrong here? # ipa dnszone-add 0.pool.ntp.org --name-server=dns.project.net --admin-email=r...@project.net ipa: ERROR: Nameserver 'dns.project.net' does not have a corresponding A/ record # ipa dnsrecord-find project.net dns Record name: dns A record: a.b.c.d Number of entries returned 1 # host dns.project.net dns.project.net has address a.b.c.d ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
